Category: Red Hat SSO

This article discusses how to set up and configure a Keycloak instance to use OpenShift for authentication via Identity Brokering. This allows for Single Sign On between the OpenShift cluster and the Keycloak instance. The Keycloak instance will be running on the OpenShift cluster and leverage a ServiceAccount OAuth Client.

This step-by-step guide is a follow-up to the Red Hat 3scale API Management new 2.1 version announcement. As many of you will know, this new version simplifies the integration between APIcast gateway and Red Hat Single Sign-On through OpenID Connect (OIDC) for API authentication. As a result, now you can select OpenID Connect as your authentication mechanism besides API Key, App Key pair, and OAuth. Also, the on-premise version adds a new component that synchronizes the client creation on the Red Hat Single Sign-On domain.

It was more than 2 years ago that I blogged about building a Managed File Transfer (MFT) solution using Fuse and AMQ. First, many things have progressed, particularly the technology landscape. Second, MFT protocols have evolved. AS4 provides a new and improved way of securely exchanging documents over HTTP. In addition, the OASIS consortium governs a vendor-neutral open standard. This is great news, but how do we achieve support for these new standards and transports with our antiquated, legacy, and proprietary MFT software?

As of version 3.2.0, Keycloak has the ability to act as an “authorization service” for Docker authentication. This means that the Keycloak IDP server can perform identity validation and token issuance when a Docker registry requires authentication. Administrators may now leverage the same user base, audit controls, and configuration mechanisms in Keycloak to extend their SSO ecosystem past OpenID Connect and SAML to cover Docker registries. The chart below illustrates how this flow works:

I am pleased to announce the immediate availability of Red Hat Software Collections 3.0 Beta, Red Hat’s newest installment of open source development tools, dynamic languages, databases, and more. Delivered on a separate lifecycle from Red Hat Enterprise Linux with a more frequent release cadence, Red Hat Software Collections bridges development agility and production stability by helping you create modern applications that can be confidently deployed into production. Most of these components are also available in Linux container image format to streamline microservices development.

In addition to these new components having traditional support for x86_64, Red Hat Software Collection 3.0 Beta adds support for three new architectures: s390x, aarch64, and ppc64le.